05-23-2002 06:44 AM - edited 02-21-2020 11:45 AM
Here is my situation:
Outside VPN IP: 210.140.50.80-85 (using ficticious addresses as to not reveal my addresses))
Inside VPN IP: 192.168.190.253
Outside Trusted network router: 192.168.190.254
Inside trusted network: 192.1.1.X
IGR using 210.140.50.80
PIX outside interface 210.140.50.81
Email server 210.140.50.82
NAT for browsing 210.140.50.83
210.140.50.84-85 Used for VPN clients no NAT
How do I allow more than just two VPN connections? Do I have to have a valid IP address for each client that connects or is thier something I should be doing with NAT here? Clients are connecting to the 210.140.50.81 address than taking an address from the pool that includes 210.140.50.84-85. Is there a way to hand them off to my trusted network for IP assignment?
05-23-2002 12:23 PM
I am not sure if I am following your topology properly. Can you describe your topology better .. I am not sure how your pix firewall is connected to the VPN, and sure what VPN devices are you using ( 3000 concentrator, 5000 concentrator, pix, IOS )
Thanks
Jazib
05-23-2002 01:35 PM
I changed all the IP addresses these are all fake but it is the same topology
Hopefully this explains it a bit better:
(INTERNET)
||
\/
(IGR) --> 206.140.80.80
||
\/
(PIX 515E) --> [OUT INT]206.140.80.81 [IN INT]192.168.190.253
||
\/
(TRUSTED ROUTER) --> [LAN 1]192.168.190.254 [LAN 2]192.1.1.13
||
\/
(TRUSTED NETWORK) --> 192.1.1.0
The PIX 515E is running VPN and Firewall services
For the client side I am running Cisco 3.5.1
I am assigning the VPN clients an ip address from a pool of addresses (206.140.80.82-84). Problem is I want to have 10 clients connect to the VPN possibly at the same time on some occasions but only have 3 IP addresses . Do I have to assing each client a seperate IP address or can I do nat or pat or something.
Hope that clears it up
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: